Last Updated: October 18, 2021
DATA WE COLLECT
“Personal Data” means information that can be used to identify you, and may include (for example) your name, email address, and other contact information. We collect Personal Data that you voluntarily provide us, for example when you register a user account, sign up for mailing lists or newsletters, submit or upload a Watchlist (as defined below), or otherwise reach out to us. Your submission of Personal Data is voluntary, but we may be unable to provide you requested information or services if you choose not to provide necessary Personal Data.
“Other Information” means information that does not identify you personally, and may include technical details regarding the device you use to access the Services, IP address, operating system, browser, referral URLs, page views, location data (if location services are enabled), clicks, etc. Our systems automatically collect this kind of Other Information when you interact with the Services. Other Information also includes information that may originally have been Personal Data but has been aggregated or anonymized such that it cannot be used to identify any individual.
The Services may allow you to submit lists of data points (e.g., email addresses, passwords, etc.) for us to use in providing our security monitoring and hack notification services (“Watchlists”). By submitting a Watchlist or any item contained therein, you (i) represent and warrant that you have all necessary right, title, authority, and consent to provide such information to us and are (and will remain) in compliance with all applicable privacy and other laws regarding such data, and (ii) will indemnify us from and against any claims relating to our processing of such information in performance of the Services or as described herein.
COOKIES AND SIMILAR TECHNOLOGY; RETARGETING
We and our service providers use “cookies” to obtain certain types of data when your web browser accesses our website. Cookies are alphanumeric identifiers that we transfer to your computer’s hard drive through your web browser to enable our system to recognize you and your personalized settings, to better understand how you interact with the Services, to monitor aggregate usage, and to optimize web traffic routing on our website. Most browsers have settings to disable or limit cookies, but please note that certain areas or features of the Services may not be available or fully functional if you choose to disable cookies for our websites. We may also use pixel tags, web beacons, or similar technologies to understand how our users interact with our sites and emails. Our website does not respond to “do not track” signals.
We may use third-party analytics services such as Google Analytics, which help us understand how users are finding and using our Platform. Google Analytics collects information such as how often users visit the Platform, what pages they visit when they do so, and what other sites they used prior to coming to the Platform. We use the information we get from Google Analytics to improve the Platform and our offerings and to provide more relevant advertising. To learn more about Google Analytics’ privacy practices, you can visit https://support.google.com/analytics/answer/6004245?hl=en. To opt out of Google Analytics’ metrics, you can follow the instructions at https://tools.google.com/dlpage/gaoptout.
We may use third-party retargeting services such as those offered by LinkedIn, which helps us focus our marketing efforts on potential users who have interacted with our pages or ads on LinkedIn. You can opt out of LinkedIn’s retargeting services at https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
We do not control third parties’ collection or use of your information to serve interest-based advertising. You may be able to opt out of receiving personalized advertisements from companies who are members of the Network Advertising Initiative or who subscribe to the Digital Advertising Alliance’s Self-Regulatory Principles for Online Behavioral Advertising. For more information about this practice and to understand your options, please visit: http://www.aboutads.info and http://www.networkadvertising.org/choices/. You may also use TRUSTe’s Preference Manager at http://preferences-mgr.truste.com.
USE OF YOUR DATA
We use your Personal Data:
• for the purposes for which you provided it to us (e.g., to create or update your user account, register you for newsletters, or process a transaction, or provide security monitoring or other requested services, as applicable);
• to respond to your inquiries and communications to us;
• to improve, maintain, and operate the Services;
• to inform you about opportunities, events, or services in which you may be interested, including those offered by our affiliates;
• to investigate and prevent possible fraud;
• to exercise or defend our rights and comply with statutory and regulatory requirements, including responding to lawful requests for information by governmental authorities; and
• for other reasons with your prior consent.
You can opt out of receiving promotional or marketing emails from us at any time by clicking the unsubscribe, opt-out, or similar link at the bottom of any such emails. Please note we may still contact you in connection with your account or any transactions involving you (e.g., password resets, security/hack notifications, etc.).
We may use Other Information (which does not identify you personally) for any manner we deem appropriate, including without limitation to improve, maintain, and operate the Services.
DISCLOSURE OF YOUR DATA
We will not sell your Personal Data to third parties. We may share your Personal Data with our affiliates and as needed to fulfill the purposes described in the “USE OF YOUR DATA” section above, including:
• with our service providers, such as email service providers, customer support providers, and payment processors, who are only permitted to use the data on our behalf;
• as necessary to exercise or defend our rights or comply with applicable law or orders from law enforcement and other governmental authorities; and
• to other third parties with your prior consent.
Additionally, in the event of a merger, consolidation, sale, or transfer of all or substantially all of our assets or business, one of the assets that would generally be transferred is the data we have collected, which would be transferred subject to the applicable version of this Policy.
We may disclose Other Information (which does not identify you personally) to any parties and for any purposes we deem appropriate.
LOCATION; DATA RETENTION, ACCESS, AND CORRECTION; SECURITY
We are based in the United States. By using the Services, you consent to your Personal Data being transferred to and stored in the United States. We may retain your data so long as we can reasonably foresee the data may be required in connection with our business relationship with you. In some cases, we will retain the data for a longer period as necessary to comply with our legal obligations, follow records retention policies, resolve disputes, and enforce our agreements.
You may access and update your Personal Data by visiting your account preferences through the Services, or by contacting us as set forth at the end of this Policy. You may generally delete your Personal Data through your account in the Services or by contacting us to request such deletion, though in some cases we may be entitled to retain certain information pursuant to our legal obligations, if it was provided by a third-party customer, or if otherwise permitted by law.
We have implemented reasonable physical, organizational, and technical procedures to secure the Personal Data we have in our possession. Unfortunately, no measures can be guaranteed to provide 100% security when dealing with internet connections, so we ask that you do not send us any sensitive personal information (and you assume the risk if you choose to do so).
YOUR CALIFORNIA PRIVACY RIGHTS
California law entitles California residents to certain additional protections regarding Personal Data. For purposes of this section alone, “Personal Information” means any information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California resident or household.
• information regarding your Personal Information we have collected in the past 12 months (including the categories of Personal Information we have collected, the categories of sources of such information, and the purposes for which we have collected such information);
• notice of whether we have disclosed your Personal Information to third parties in the past 12 months (and if so, what categories of information we have disclosed, and what categories of third parties we have disclosed it to);
• a copy of your Personal Information collected by us in the past 12 months; and
• that your Personal Information be deleted.
We will not discriminate against you if you choose to exercise any of these rights. To make any of the above requests, please contact us as set forth at the end of this Policy. We may require verification of your identity before further processing your request. In certain instances, we may be permitted by law to decline some or all of such request. Please note that if you make unfounded, repetitive, or excessive requests (as determined in our reasonable discretion) to access your Personal Data, you may be charged a fee to the extent permitted by law.
TRANSFERS FROM THE EU, UK, AND SWITZERLAND
Because our Services are hosted on US-based servers, any information you send to us will be transferred to the United States. If such information includes Personal Data you are transferring from the EU, UK, or Switzerland, then to the extent required by applicable privacy laws (such as the EU’s GDPR or the UK or Swiss counterparts to the GDPR) such transfer will be subject to the Standard Contractual Clauses promulgated by the European Commission for transfers of personal data to non-EU/EEA jurisdictions. In such event, you will be deemed the “data controller” and we will be the “data processor” for purposes of such clauses and compliance with applicable privacy laws.
YOUR EU, UK, AND SWISS PRIVACY RIGHTS
If you are a EU, UK, or Swiss resident, applicable data protection laws may provide you with certain rights with regards to our processing of your Personal Data. To the extent established under applicable law, EU, UK, or Swiss residents may have the right:
• to access, review, and update their Personal Data;
• to restrict our processing of their Personal Data;
• to request that we provide them a copy of, or access to, their Personal Data in structured, commonly used and machine-readable format (or that we transfer their Personal Data to another controller, when technically feasible);
• to withdraw their consent when our processing of their Personal Data is based on consent (and not another legitimate basis);
• to request that we delete their Personal Data (subject to certain limitations); and
• to lodge a complaint with the applicable supervisory authority in the EU. Before you do this, we ask that you please contact us directly in order to give us an opportunity to work directly with you to resolve any concerns about your privacy.
To make any of the above requests, please contact us as set forth at the end of this Policy. We may require verification of your identity before further processing your request. In certain instances, we may be permitted by law to decline some or all of such request. Please note that if you make unfounded, repetitive, or excessive requests (as determined in our reasonable discretion) to access your Personal Data, you may be charged a fee to the extent permitted by law.
Please note that if we received your Personal Data from one of our customers, that customer is the data controller for purposes of the GDPR and similar privacy laws and we may need to refer you to such customer for resolution of your inquiries or complaints.
The Services are not directed toward children under 13. If a parent or guardian becomes aware that his or her child has provided us with personal information, the parent or guardian should contact us as set forth at the end of this Policy, and we will take reasonable steps to promptly remove such data from our systems (subject to any applicable, legally required or permitted, retention standards).
To make any requests described herein, or otherwise contact us regarding this Policy or our privacy practices, please contact us at email@example.com.